• Security Architect.
• Pharma Leader Company (60% telework).

Pharma Leader Company

• Define and implement secure application architecture for microservices and APIs.


• Design and enforce security best practices using Spring Security and OAuth2 (Cognito, Keycloak).


• Ensure compliance with OWASP, NIST, GDPR, and other security frameworks.


• Implement and manage OAuth2 and OpenID Connect (OIDC) for authentication and authorization.


• Integrate and configure AWS Cognito and Keycloak for identity and access management.


• Develop and enforce secure coding practices in Java and Spring Boot applications.


• Implement data encryption, secure API gateways, and token management.


• Collaborate with engineering teams to conduct security code reviews and threat modeling.


• Ensure Kafka security (authentication, authorization, and encryption).


• Implement PostgreSQL security best practices, including encryption, access controls, and monitoring.


• Secure inter-service communication using mTLS, JWT, and OAuth2 tokens.


• Implement logging, monitoring, and anomaly detection for security events.

• Permanent Contract.


• Competitive Salary.


• 3 days a week working from home.


• Flexible Schedule.


• Multicultural and friendly team.


• Exciting opportunities for professional development.


• Ongoing training.


• Multiple Social benefits: Canteen, health insurance, nursery check, English training...

• Bachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience).


• Hands-on experience with OAuth2, OIDC, Cognito, and Keycloak for authentication and authorization.


• Experience securing Kafka-based event-driven architectures.


• Proficiency in PostgreSQL security mechanisms (encryption, auditing, access control).


• Knowledge of microservices security, API security (JWT, OAuth2), and secure RESTful APIs.


• Strong understanding of network security, IAM, and DevSecOps best practices.


• Experience with threat modeling, penetration testing, and vulnerability management.


• Familiarity with compliance frameworks (GDPR, SOC2, HIPAA, etc.).